MustLive said: > Hello Full-Disclosure! > > I already sent this letter to Bugtraq at 6th of September, but they declined > to post it without any explanation - maybe it was due to some politic > reasons :-). Will see how it'll be with your list. > Or maybe cause it's not a browser security issue :)
Escaping user's inputs depends from the context, that's all. It's a server-side problem, the application must PROPERLY sanatise inputs. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
